[squid-users] squid 3.4.8 ssl-bump resolve ip in access.log
nicolas.langlois at rouen.archi.fr
Tue Dec 1 11:40:06 UTC 2015
Hi, i'm trying to set up squid 3.4.8 on debian , i want a full transparent proxy, no conf on client side .
it's working actually but i 'm ask to report websites access but for https actually i just get this kind of line in my access.log :
< TCP_MISS/200 288 CONNECT 22.214.171.124:443 - ORIGINAL_DST/126.96.36.199 <
Is there a way to have dns resolution and log the website visited for https ?
Here is a part of my squid.conf :
http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl_cert/squid.pem
http_port 192.168.1.1:3129 intercept
https_port 192.168.1.1:3130 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl_cert/squid.pem
ssl_bump none all
sslproxy_cert_error allow all
always_direct allow all
or is there a magical solution for transparent proxy with no client-side (certs or proxy conf) config working actually with https ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users